Manager Cybersecurity & Information Security (Emiratization)

Manager Cybersecurity & Information Security (Emiratization) – Tabreed, Abu Dhabi, United Arab Emirates

The Information Security Manager will lead the development and execution of the company's cybersecurity strategy across both IT and OT environments. This role ensures the protection of business systems and critical infrastructure by implementing industry-aligned security frameworks and technologies. The manager will oversee a dedicated security team and collaborate with IT, O&M, OT engineering, compliance, and business stakeholders to strengthen risk posture and support secure digital transformation.

• Develop and implement company cybersecurity strategy, policies, and procedures covering both IT and OT domains, aligned with industry standards (NIST CSF, ISO 27001, IEC 62443, CIS Controls).
• Lead the development of enterprise-wide risk management processes, including identification, assessment, mitigation, and reporting of cyber risks across IT and OT environments.
• Define and maintain the cybersecurity roadmap and security architecture to support business goals and regulatory requirements.
• Manage cybersecurity governance, including internal security audits, compliance reporting, and coordination with internal audit and regulatory bodies.

• Oversee the implementation and management of cybersecurity technologies, including EDR, DLP, IAM, PAM, NGFWs, VPN, MFA, and enterprise-grade SIEM.
• Manage the vulnerability management program using tools like Tenable and Microsoft Defender.
• Lead incident response for IT threats such as malware, phishing, and unauthorized access.
• Monitor security events and ensure appropriate threat response.
• Manage user access controls and identity lifecycle management.

• Collaborate with OT infrastructure engineering, operations teams, and vendors to assess and implement cybersecurity controls across SCADA, PLCs, DCS, HMI, and other ICS systems.
• Define and maintain OT network segmentation strategies (DMZs, VLANs, firewalls) to isolate critical assets and prevent lateral movement.
• Deploy and manage industrial threat detection platforms, including Nozomi Networks and IBM QRadar, to monitor OT environments.
• Lead OT-specific incident response efforts, ensuring containment without operational disruption.
• Enforce secure remote access to OT systems via jump servers, MFA, and session monitoring.

• Ensure compliance with industry and regulatory requirements (ISO 27001, IEC 62443, UAE DoE Cybersecurity Standards).
• Coordinate with legal, compliance, and audit teams on data privacy and cyber audits.
• Maintain documentation including risk registers and incident reports.

• Lead and mentor the cybersecurity team across IT and OT domains.
• Manage security projects from planning to post-deployment monitoring.
• Conduct security awareness training and simulations.
• Report regularly to executive management on risk and security posture.

• Bachelor’s degree in computer science, Information Security, Engineering, or a related field.
• 10+ years in cybersecurity, with 5+ years managing both IT and OT environments.
• Relevant certifications: CISM, CISSP, CRISC, GICSP, or IEC 62443 Certified Professional.
• Strong knowledge of NIST CSF, ISO 27001, IEC 62443, CIS Controls, MITRE ATT&CK.
• Experience with security tools: SIEM, EDR, DLP, IAM, PAM, IDS / IPS, NGFW, OT threat detection platforms.
• Proven experience with compliance in critical infrastructure or regulated sectors.
• Excellent leadership and collaboration skills

• Mid-Senior level

• Full-time

• Information Technology

• IT Services and IT Consulting
• Utilities
• Oil and Gas